OS/Platform/Application:

Winamp

Category: ALERT
Severity: MEDIUM
Attention: Winamp users, System Administrators, Desktop Support Personnel.

Summary: Numerous Internet Security resources are reporting the existence of a new vulnerability in the popular Winamp media player application.  The vulnerability is related to the handling of .VOC files (sound files) and could (if successfully exploited) lead to takeover of a vulnerable system.

Recommended Actions:  At the time of this writing (2:30 PM 5/18/09) no fix is available from the vendor to address this issue.  Winamp Users are encouraged NOT to open/handle files from unknown or untrusted sources until a patch is available.

Readers are encouraged to share this alert with family, friends, and associates.

ITS Actions: N/A

Resources:

Vupen Advisory:
http://www.vupen.com/english/advisories/2009/1348